Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.11 - Administration Guide

Introduction System requirements Using the virtual appliance and web management console Using the cloud Setting up Safeguard for Privileged Passwords for the first time Search box Using the web client Installing the desktop client Using the desktop client Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions Appendix E: Historical changes by release Glossary

Replaying a session

You can play back a recorded session from the Request Workflow dialog, which can be accessed by clicking the Workflow button that appears to reviewers for completed session requests and in the Activity Center view when an access request event is selected in an activity audit log report. In addition, you can play back a recorded session by clicking the icon displayed to the left of an access request session event on the activity audit log report in the Activity Center view.

NOTE: This feature is only available for session requests that have Record Session enabled in the access request policy (Access Config tab).

(desktop client only) To play back a session (Request Workflow dialog)

  1. Open the Request Workflow dialog using the Workflow button.

    NOTE: If accessing the Request Workflow dialog from the Activity Center, select an Access Request Session event from the activity audit log report.

  2. Locate an Initialize Session event and click Play to launch the Desktop Player.

    A (green dot) indicates the session is live. A user with Security Policy Administrator permissions can click this icon to follow an active session.

    If the session recording has been archived from the local Safeguard file system or was recorded from the embedded session module prior to joining a Sessions Appliance, you will see a Download button instead of a Play button. Click Download to download the recording and then click Play.

    CAUTION: If you receive a message like: No Desktop Player. The Safeguard Desktop Player is not installed. would you like to install it now?, click Yes. See Installing the desktop client, Installing the Desktop Player, step 2.

  3. Accept the certificate to continue.

    In the Certificate error message, click Continue to use the default Session Recording Signing certificate shipped with Safeguard for Privileged Passwords. To use a different SSL certificate, click Abort and then import the appropriate certificates including the root CA.

  4. Use one of the following methods to play back the session recording:

    • Click Play Channel from the toolbar at the top of the player.
    • Click in the thumbnail in the upper right corner of the Information page.
    • Click Play Channel next to a channel in the Channels pane.

Desktop Player User Guide

To download the player user guide, go to One Identity Safeguard for Privileged Sessions - Technical Documentation. Scroll to User Guide and click One Identity Safeguard for Privileged Sessions [version] Safeguard Desktop Player User Guide.

Archiving session recordings

For more information on archiving session recordings, see Session Recordings Storage Management.

Following and terminating a "live" session

An access request session event with a (green dot) in the left-most column of the activity audit log report or Request Workflow dialog indicates that the session is "live". Clicking this button launches the Desktop Player allowing you to follow what is happening in the active session. Safeguard for Privileged Passwords also allows you to terminate an active session directly from the desktop player.

NOTE: You must have Security Policy Administrator permissions to follow an active session.

(desktop client only) To watch or terminate a "live" session

  1. From the Request Workflow dialog or Activity Center activity audit log report click the (green dot) next to an access request session event.

    NOTE:Security Policy Administrators can also launch the Safeguard Desktop Player from the Access Requests view. Select an access request session in the request grid and click the View Live Session toolbar button.

    The Safeguard Desktop Player launches allowing you to watch the active session. On the Information page, the thumbnail (upper right) displays a blinking red recording button when a session is "live".

  2. Use one of the following methods to follow the session:

    • Click Play Channel from the toolbar at the top of the player.
    • Click in the thumbnail in the upper right corner of the Information page.
    • Click Play Channel next to a channel in the Channels pane.
  3. In the play back window, you will see a Terminate button and a Live indicator in the lower right corner.
  4. Click Terminate to stop the active session.

NOTE: You can also terminate an active session by revoking the session through the Windows desktop client.

Toolbox

When you select the  Administrative Tools link from the Home page navigation pane, the Toolbox view appears. This view gives you quick-start links to the tasks you can perform.

NOTE: The display is tailored to your Administrator permissions.

Each numbered tile gives you quick access to its Administrative Tool. Clicking displays the dialog allowing you to add an object.

In addition, the Toolbox allows you to view the status of running tasks.

Viewing task status

Safeguard for Privileged Passwords displays a number on your Toolbox navigation link to notify you when you have any tasks running.

To view task status

  1. Navigate to the Toolbox.
  2. Click  Popout to float the Tasks pane.

    You can then select and drag the pane to any location on the console and re-size the window.

  3. Click  Remove to delete a task from the pane.
  4. Click  Cancel next to a running task to stop a task.
  5. Click Clear to remove all items from the Tasks pane.
Related Documents